e-QIP fallout and more phishing schemes

By FCW Staff

Jul 01, 2015

What happens without e-QIP?

The Office of Personnel Management's decision to suspend operations of its e-QIP security clearance system in the wake of the massive data breach at the agency could cripple contractors' abilities to adequately staff contracts and meet mission requirements, the Professional Services Council said in a July 1 letter to OPM Director Katherine Archuleta and OMB Deputy Director Beth Cobert.

PSC President and CEO Stan Soloway said he was "deeply concerned" about the shutdown, even with the supplemental help in clearing background checks announced by OPM. "Only a handful of agencies have authority to grant temporary clearances, so it is urgent that OPM clarify how it will mitigate the e-QIP shutdown and what agencies and contractors can do to ensure missions are not harmed," he said.

In the same letter, Soloway urged OPM to provide information "promptly" on who was affected by the larger breach, who is entitled to credit monitoring and what benefits and support the government will provide to affected contractor employees.

Virginia Democratic Sens. Mark Warner and Tim Kaine jumped into the fray with their own letter to Archuleta. "Although OPM has noted that it is working on alternative measures to address this looming crisis, it has failed to provide any detail as to its strategy that will give adequate assurance to the thousands of Virginians who depend on having proper security credentials in place to do their jobs," the senators wrote.

Phishing schemes mimic OPM breach notifications

The millions of Americans whose personal information may have been stolen from OPM databases must also now worry about scammers trying to capitalize on the government's response to that breach, GCN reports.

A June 30 alert from the U.S. Computer Emergency Readiness Team warned that "US-CERT is aware of phishing campaigns masquerading as emails from [OPM] or the identity protection firm CSID." After the breach was disclosed June 4, OPM contracted with CSID to notify affected personnel and promised free credit monitoring for those whose records were compromised.